sorry...I clicked 'reply' to the wrong message :)
________________________________ From: Naema Chowdhry <[email protected]> To: [email protected] Sent: Thu, May 26, 2011 11:33:18 AM Subject: Re: [wp-testers] Talsoft S.R.L. Security Advisory - WordPress User IDs and User Names Disclosure I am looking at the iPod and does it have wi-fi on it? Because they are touting video talking "with your friends" ________________________________ From: Cameron Miller <[email protected]> To: [email protected] Sent: Thu, May 26, 2011 11:32:22 AM Subject: Re: [wp-testers] Talsoft S.R.L. Security Advisory - WordPress User IDs and User Names Disclosure That email looked pretty impressive though, huh? Gotta admit that :-) I kinda agree with you though, Andrew. Probably 80% of the WordPress installs out there still have "admin" as the superuser name, so it's not like it's a big secret or anything. Cameron. On May 27, 2011, at 12:17 AM, Andrew Nacin wrote: > On Thu, May 26, 2011 at 9:59 AM, Veronica <[email protected]> wrote: > >> ----------------------------------------------------------------------- >> Talsoft S.R.L. Security Advisory >> WordPress User IDs and User Names Disclosure >> ----------------------------------------------------------------------- >> >> I. Advisory information >> Title: WordPress User IDs and User Names Disclosure >> Advisory Id: TALSOFT-2011-0526 >> Advisory URL: >>http://www.talsoft.com.ar/index.php/research/security-advisories/wordpress-user-id-and-user-name-disclosure >> >>e >> Date published: 2011-05-26 > > > > <snip> >> >> - WordPress team agreed to release the security advisory. > > > Worth sharing here that the WordPress core team is under the opinion that > username disclosure is not and has never been a security vulnerability. > There will be no further work in this area. > > Nacin > _______________________________________________ > wp-testers mailing list > [email protected] > http://lists.automattic.com/mailman/listinfo/wp-testers _______________________________________________ wp-testers mailing list [email protected] http://lists.automattic.com/mailman/listinfo/wp-testers _______________________________________________ wp-testers mailing list [email protected] http://lists.automattic.com/mailman/listinfo/wp-testers _______________________________________________ wp-testers mailing list [email protected] http://lists.automattic.com/mailman/listinfo/wp-testers
